-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1264
 Security Bulletin: Multiple security vulnerabilities in IBM Content Analytics
  with Enterprise Search and IBM OmniFind Enterprise Edition (CVE-2014-0114,
                         CVE-2014-0050, CVE-2013-5879)
                               30 July 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Content Analytics with Enterprise Search
                   IBM OmniFind Enterprise Edition
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-0411 CVE-2014-0114 CVE-2014-0050 CVE-2013-5879

Reference:         ASB-2014.0077
                   ASB-2014.0005
                   ESB-2014.1262
                   ESB-2014.1258
                   ESB-2014.0102
                   ESB-2014.0065
                   ESB-2014.0058

Original Bulletin:
   http://www-01.ibm.com/support/docview.wss?uid=swg21678830

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Multiple security vulnerabilities in IBM Content Analytics
with Enterprise Search and IBM OmniFind Enterprise Edition (CVE-2014-0114,
CVE-2014-0050, CVE-2013-5879)

Security Bulletin

Document information

More support for:     Watson Content Analytics
Software version:     2.2, 3.0
Operating system(s):  AIX, Linux, Linux on System z, Windows
Reference #:          1678830
Modified date:        2014-07-18

Summary

Multiple security vulnerabilities have been identified in IBM Content Analytics
with Enterprise Search and IBM OmniFind Enterprise Edition.

Vulnerability Details

CVE ID: CVE-2014-0114

DESCRIPTION: The version of Apache Struts used by the administration console
could allow a remote attacker to execute arbitrary code, caused by the failure
to restrict the setting of Class Loader attributes. An attacker could exploit
this vulnerability using the class parameter of an ActionForm object to
manipulate the ClassLoader and execute arbitrary code on the system. This
vulnerability does not affect user applications.

CVSS:
CVSS Base Score: 7.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/92889 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2014-0050

DESCRIPTION: Apache Commons FileUpload is vulnerable to a denial of service,
caused by the improper handling of the Content-Type HTTP header for multipart
requests. By sending a specially-crafted request, an attacker could exploit
this vulnerability to cause the application to enter into an infinite loop.

CVSS:
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90987 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE ID: CVE-2013-5879

DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology
related to the Outside In Maintenance component could allow a local attacker
to cause a denial of service or possibly be used by a remote attacker to
execute code on server installations.

CVSS:
CVSS Base Score: 1.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90282 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:S/C:N/I:N/A:P)

Affected Products and Versions

IBM Content Analytics with Enterprise Search V3.0 and V2.2
IBM OmniFind Enterprise Edition V9.1

Remediation/Fixes

IBM recommends installing recommended fixes as outlined below.

Product: IBM Content Analytics with Enterprise Search
VRMF:    V3.0
APAR:    None
How to acquire the fix: If not already installed, install V3.0 Fix Pack 4
    (see the Fix Pack download document). Download and apply Interim Fix
    IF002. See the 3.0.0.4-WT-ICAwES-ReadMe-IF002.txt file for instructions.

Product: IBM Content Analytics
VRMF:    V2.2
APAR:    None
How to acquire the fix: If not already installed, install V2.2 Fix Pack 3
    (see the Fix Pack download document). Download and apply Interim Fix
    IF002. See the 2.2.0.3-WT-ICA-ReadMe-IF002.txt file for instructions.

Product: OmniFind Enterprise Edition
VRMF:    V9.1
APAR:    None
How to acquire the fix: If not already installed, install V9.1 Fix Pack 5
    (see the Fix Pack download document). Download and apply Interim Fix
    IF003. See the 9.1.0.5-WT-OEE-ReadMe-IF003.txt file for instructions.

References

Complete CVSS Guide
On-line Calculator V2

Related information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

July 16, 2014: Original version published
July 18, 2014: Removed CVE-2014-0411

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF
ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Cross reference information

Segment:  Watson Group
Product:  OmniFind Enterprise Edition
Platform: AIX, Linux, Solaris, Windows, Linux on System z
Version:  9.1

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBU9hMGxLndAQH1ShLAQL91RAAgBKkK+IzQInfznFE1VBfRQqHIaWjgJ/r
fRThbmDsPsJ9U1pAhUyEIsP5rNJezGQDUhO6cWQGZ38Ze9z+pR18u5D1MGLvIje1
4Cssfgk0sfKWS4CNfX53rbVaJBfGW74wsl7NekI/PAtPOkgD0AbnA1TERD+cr5YZ
uNK8OCrApKR6sEeCoUSK6xWLBdVZRZujcvnk1c9chCSaASu7mVMlfH/GlBfmQANC
yXv/2Fvj3bmRORJwauDGwiwu5t8IyB7lBgUf3+oaRauUN69h+3/QhkcWPlrxKqc0
Y70T3sJgelmrFXWIbhWFq+28hlq2CmxmapyKUT1N3gptv1N7rvickStJCyXiSB4L
QSnSrrqhrZ7NLBQqJ2ZkLY/6+bDPk3Mr9tdUcvS4UAo/XUFU/G+mXGHIngDueiDV
riNVZ63ArZJwK5Yp5TaVOxOGF9BrtFymfQw3KkTp4HP+YsJ2UAzCdR2QOKl7fkLp
L3zbM9ecswsN67IXqA7DBK3GglPRIH5GpKj/xNQGMnWWP3D/3My+Cw2YzDdcUH+2
+IzT832LYURkmcInWYWgWxHYcjSfWy6JhBS2Z9PPTNVJqI5riY1h6fVwUtZSae3+
5tM27gMvQMNaOozuLzA5L2AS+jaPDyWtxuBai1Yqzd9i/PEt3sbsHKeyYITGe91W
vIshsVY3NAU=
=TIhj
-----END PGP SIGNATURE-----
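A small triage script for the two network-reachable issues in the bulletin above, added here as an example; it is not part of the IBM or AusCERT text and not code from either organisation or from Apache. It runs the two checks the CVE descriptions suggest over constructed request-log lines: parameter names that can reach the ClassLoader through an ActionForm's class property (CVE-2014-0114), and multipart Content-Type headers whose boundary is missing, empty or over-long (CVE-2014-0050). The tab-separated log format, the /admin/... paths, the addresses, the parameter names and both regular expressions are this example's own assumptions; the 70-character boundary limit comes from RFC 2046, not from the bulletin.

```python
"""Triage checks for CVE-2014-0114 and CVE-2014-0050 over request-log lines.

Example code written for this page; not IBM's, AusCERT's or Apache's code.
Log format and sample data are constructed for the example.
"""
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qsl, urlsplit

# CVE-2014-0114: Struts 1 populates ActionForm properties from request
# parameter names, so a name such as "class.classLoader.<property>" walks
# into getClass().getClassLoader(). This pattern is the example's own (not
# Apache's published one): it flags "class" as a whole property segment at
# the start of the name, after a ".", or in ['class'] / ["class"] form,
# and only when another segment follows it. Case-insensitive as a precaution.
CLASS_PARAM_RE = re.compile(r"""(^|\.|\[['"])class(\.|\[|['"]\])""", re.IGNORECASE)

# CVE-2014-0050: the vulnerable Commons FileUpload looped forever on a
# crafted multipart Content-Type. RFC 2046 section 5.1.1 limits a boundary
# to 1..70 characters; a multipart request with a missing, empty or over-long
# boundary is malformed and worth flagging. 70 is the RFC limit, not a value
# taken from the bulletin.
MAX_BOUNDARY_LEN = 70
BOUNDARY_RE = re.compile(r""";\s*boundary=("?)([^";]*)\1""", re.IGNORECASE)


def suspicious_params(query: str) -> List[str]:
    """Names of parameters in a query/form string that can reach the ClassLoader."""
    return [name for name, _ in parse_qsl(query, keep_blank_values=True)
            if CLASS_PARAM_RE.search(name)]


def multipart_boundary_issue(content_type: Optional[str]) -> Optional[str]:
    """Reason a multipart Content-Type is malformed, or None if it looks sane."""
    if not content_type or not content_type.lower().startswith("multipart/"):
        return None
    m = BOUNDARY_RE.search(content_type)
    if not m:
        return "multipart request without a boundary parameter"
    boundary = m.group(2)
    if not boundary:
        return "multipart request with an empty boundary"
    if len(boundary) > MAX_BOUNDARY_LEN:
        return (f"boundary of {len(boundary)} characters exceeds the "
                f"RFC 2046 limit of {MAX_BOUNDARY_LEN}")
    return None


def triage(lines: List[str]) -> List[Dict[str, str]]:
    """Run both checks over 'src<TAB>method<TAB>target<TAB>content-type' lines.

    A content-type field of "-" means the request carried no Content-Type.
    """
    findings: List[Dict[str, str]] = []
    for line in lines:
        src, method, target, ctype = line.rstrip("\n").split("\t")
        parts = urlsplit(target)
        for name in suspicious_params(parts.query):
            findings.append({"src": src, "cve": "CVE-2014-0114",
                             "detail": f"parameter '{name}' in {method} {parts.path}"})
        issue = multipart_boundary_issue(None if ctype == "-" else ctype)
        if issue:
            findings.append({"src": src, "cve": "CVE-2014-0050",
                             "detail": f"{issue} in {method} {parts.path}"})
    return findings


# Constructed sample log: paths, addresses and parameters are made up for
# the example. The third line carries a 5000-character boundary.
SAMPLE_LOG = [
    "10.0.0.5\tGET\t/admin/login.do?username=admin\t-",
    "203.0.113.9\tGET\t/admin/config.do?class.classLoader.defaultAssertionStatus=true\t-",
    "203.0.113.9\tPOST\t/admin/upload.do\tmultipart/form-data; boundary=" + "A" * 5000,
    "10.0.0.7\tPOST\t/admin/upload.do\tmultipart/form-data; boundary=----FormBoundary7MA4YWxk",
    "10.0.0.8\tGET\t/search?query=classic+rock&userClass=student\t-",
]

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['cve']}  {f['src']:<14} {f['detail']}")
```

Access logs usually record only the query string, while a real attempt against the Struts ActionForm would normally carry the parameters in a POST body; where a proxy or WAF captures form bodies, run suspicious_params over the body as well. The checks are triage aids for deciding how urgently to apply the interim fixes listed above, not a substitute for them.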